Physical Authentication at The University of Michigan

20 May 2014

This past spring, my colleagues David Adrian, Matt Diffenderfer, and myself did a brief audit of the physical authentication systems employed at the University of Michigan’s Ann Arbor campus. Focusing on digital systems which utilize physical tokens, we investigated the strengths and weaknesses of the university’s Mcard student IDs and dormitory key cards with regards to security.

Abstract

The University of Michigan employs several card-based identification and authentication mechanisms to regulate physical access to campus properties. Magnetic stripes are used for the university’s dormitory keys and Mcard student IDs, with the latter also employing contactless smart card technology for building access. Prior published works have shown these technologies to often be inadequate for security purposes, resulting in the university having to update their systems in recent years with the goal of bolstering campus security. We present a security analysis of the current iteration of the Ann Arbor campus systems for authentication via Mcards and dormitory key cards, and a survey of past and potential future attacks against these systems.

You can find the full paper here.

Mike Grzych About Archive Feed

Physical Authentication at The University of Michigan

Abstract

Related Posts

EECS 494 - Computer Game Design 19 May 2014